hwo to hack wifi

Google hacking

Google hacking, also named Google dorking,[1][2] is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.

Basics[edit]

Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final"
One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:
"#-Frontpage-" inurl:administrators.pwd
or filetype:log inurl password login
Devices connected to the Internet can be found. A search string such as inurl:"ViewerFrame?Mode=" will find public web cameras.
Another useful search is following intitle:index.of[1] followed by a search keyword. This can give a list of files on the servers. For example, intitle:index.of mp3will give all the MP3 files available on various servers.

Advanced operators[edit]

There are many similar advanced operators which can be used to exploit insecure websites:
OperatorPurposeMixes with Other Operators?Can be used Alone?WebImagesGroupsNews
intitleSearch page Titleyesyesyesyesyesyes
allintitle[3]Search page titlenoyesyesyesyesyes
inurlSearch URLyesyesyesyesnot reallylike intitle
allinurlSearch URLnoyesyesyesyeslike intitle
filetypespecific filesyesnoyesyesnonot really
intextSearch text of page onlyyesyesyesyesyesyes
allintextSearch text of page onlynot reallyyesyesyesyesyes
siteSearch specific siteyesyesyesyesnonot really
linkSearch for links to pagesnoyesyesnononot really
inanchorSearch link anchor textyesyesyesyesnot reallyyes
numrangeLocate numberyesyesyesnononot really
daterangeSearch in date rangeyesnoyesnot reallynot reallynot really
authorGroup author searchyesyesnonoyesnot really
groupGroup name searchnot reallyyesnonoyesnot really
insubjectGroup subject searchyesyeslike intitlelike intitleyeslike intitle
msgidGroup msgid searchnoyesnot reallynot reallyyesnot really
The "link:" search operator that Google used to have, has been turned off by now (2017).[4]

History of Google Hacking[edit]

Johnny Long creates "googleDorks" in 2002
The concept of "Google Hacking" dates back to 2002, when Johnny Long began to collect interesting Google search queries that uncovered vulnerable systems and/or sensitive information disclosures - labeling them googleDorks.[5]
The list of googleDorks grew into large dictionary of queries, which were eventually organized into the original Google Hacking Database (GHDB) in 2004.[6] These Google hacking techniques were the focus of a book released by Johnny Long in 2005, called Google Hacking for Penetration Testers, Volume 1.[7]
Since its heyday, the concepts explored in Google Hacking have been extended to other search engines, such as Bing[8] and Shodan.[9] Automated attack tools[10] use custom search dictionaries to find vulnerable systems and sensitive information disclosures in public systems that have been indexed by search engines.
For a full visual timeline, detailing the major events and developments in Google Hacking from 2002 to Present, see the Google Hacking History by Bishop Fox.[11]

References[edit]

  1. Jump up^ Term Of The Day: Google Dorking - Business Insider
  2. Jump up^ Google dork query, techtarget.com
  3. Jump up^ Karch, Marziah. "Allintitle Definition"About.com. About.com. Retrieved 6 September2015.
  4. Jump up^ "John Mueller, Webmaster Trends Analyst at Google"Twitter. Retrieved 2017-01-28.
  5. Jump up^ "googleDorks created by Johnny Long". Johnny Long. Archived from the originalon 8 December 2002. Retrieved 8 December 2002.
  6. Jump up^ "Google Hacking Database (GHDB) in 2004". Johnny Long. Archived from the original on 7 July 2007. Retrieved 5 October 2004.
  7. Jump up^ "Google Hacking for Penetration Testers, Volume 1". Johnny Long. Retrieved 20 February 2005.
  8. Jump up^ "Bing Hacking Database (BHDB) v2". Bishop Fox. Retrieved 27 August 2014.
  9. Jump up^ "Shodan Hacking Database (SHDB) - Part of SearchDiggity tool suite". Bishop Fox. Retrieved 21 June 2013.
  10. Jump up^ "SearchDiggity - Search Engine Attack Tool Suite". Bishop Fox. Retrieved 27 August2014.
  11. Jump up^ "Google Hacking History". Bishop Fox. Retrieved 27 August 2014

Comments

Popular posts from this blog

download free robot 2.0 movie